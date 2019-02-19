Upstream’s security platform, Secure-D, detected suspicious activity initiated by an Android app named "Weather Forecast - World Weather Accurate Radar". The app, which has since been removed, was also available on Google Play, with more than 10 million downloads, including those in the UK, USA, and France. It claimed to provide “accurate forecasts and timely local weather alerts.” The app was ranked 6 in its category in the UK. Despite user complaints, which were seemingly pushed down in the ‘ratings and reviews’ section, the app had a 4.4-star rating.

When infected devices were tested by Secure-D, the app was found to collect and transfer users’ personal information to servers online, including the user’s device ID, their email, and location. Furthermore, it was found to behave like a typical malicious app, which attempts ad fraud by loading pages with ads and clicking on them, as well as triggering subscriptions to premium services without the user’s consent. Had these fraudulent attempts not been blocked, they would have cost users up to $1.5 million in fraudulent charges.

Furthermore, this activity, which was invisible to the users, was consuming up to 250MB of their data daily and had a particularly adverse impact on consumers in emerging markets, where the cost of data is extremely high.